Lucene search
MitreCVE-2009-0965HistoryMar 19, 2009 - 10:30 a.m.
CVE-2009-0965
2009-03-1910:30:00
CWE-89
mitre
web.nvd.nist.gov
25
cve-2009-0965
sql injection
ganesha digital library
gdl 4.0
gdl 4.2
browse.php
remote code execution
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
37.5%
SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php.
Affected configurations
Node
ismail_fahmiganesha_digital_libraryMatch4.0
ORismail_fahmiganesha_digital_libraryMatch4.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ismail_fahmi | ganesha_digital_library | 4.0 | cpe:2.3:a:ismail_fahmi:ganesha_digital_library:4.0:*:*:*:*:*:*:* |
| ismail_fahmi | ganesha_digital_library | 4.2 | cpe:2.3:a:ismail_fahmi:ganesha_digital_library:4.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-0965
2009-03-19 10:30:00
cvelist
cvelist
CVE-2009-0965
2009-03-19 10:00:00
exploitdb
exploitdb
GDL 4.x - 'node' SQL Injection
2009-03-17 00:00:00
prion
prion
Sql injection
2009-03-19 10:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.001
Percentile
37.5%
Related for CVE-2009-0965